﻿using Microsoft.Extensions.Configuration;
using Microsoft.IdentityModel.Tokens;
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;

namespace B.S.BaseData.Common
{
    public class JwtTools
    {
        public string JwtNewString(IConfiguration _configuration, string uid,string Name)
        {
            //生成JWT
            //Header 选择签名算法
            var signingAlogorithm = SecurityAlgorithms.HmacSha256;
            //Paylod 存放用户信息 下面我们放了一个用户Id
            var claims = new[]
            {
                new Claim(JwtRegisteredClaimNames.Sub, uid),
                new Claim(JwtRegisteredClaimNames.Sub,Name),
                new Claim(ClaimTypes.Role,"Admin"),
                new Claim("key","value值")
                //new Claim (ClaimTypes.Role,"admin")
            };
            //Signature
            //取出私钥并以utf8编码字节输出
            var secretByte = Encoding.UTF8.GetBytes(_configuration["Authentication:SecretKey"]);
            //使用费对称算法对私钥进行加密
            var signingKey = new SymmetricSecurityKey(secretByte);
            var signingCredentials = new SigningCredentials(signingKey, signingAlogorithm);

            //使用HmacSha256来验证加密后的私钥生成数字签名
            //生成Token
            var Token = new JwtSecurityToken(            
                issuer: _configuration["Authentication:Issuer"], //发布者
                audience: _configuration["Authentication:Audience"],//接收者
                claims: claims,//存放的用户信息
                notBefore: DateTime.UtcNow,// 发布时间
                expires: DateTime.UtcNow.AddDays(1),//有效期设置为1天
                signingCredentials//数字签名
                );
            var TokenStr = new JwtSecurityTokenHandler().WriteToken(Token);
            return TokenStr;
        }
    }
    }

